NSFOCUS Remote Security Assessment System. Overview



Similar documents
NSFOCUS Web Vulnerability Scanning System

MatriXay WEB Application Vulnerability Scanner V Overview. (DAS- WEBScan ) The best WEB application assessment tool

NSFOCUS Web Application Firewall White Paper

NSFOCUS Web Application Firewall

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

Mingyu Web Application Firewall (DAS- WAF) All transparent deployment for Web application gateway

How To Manage Security On A Networked Computer System

QualysGuard WAS. Getting Started Guide Version 4.1. April 24, 2015

Cisco ASA 5500 Series IPS Solution

WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Product Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity

NSFOCUS Network Traffic Analyzer (NTA)

QualysGuard WAS. Getting Started Guide Version 3.3. March 21, 2014

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

SANS Top 20 Critical Controls for Effective Cyber Defense

DDoS Attack and Its Defense

Vulnerability Management

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

IT Security & Compliance. On Time. On Budget. On Demand.

IBM. Vulnerability scanning and best practices

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

Extreme Networks Security Analytics G2 Vulnerability Manager

Cisco SR 520-T1 Secure Router

IBM Security QRadar SIEM Version MR1. Vulnerability Assessment Configuration Guide

Secret Server Qualys Integration Guide

PCI DSS 3.0 Compliance

Cloud Security:Threats & Mitgations

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Rational AppScan & Ounce Products

ArcGIS Server Security Threats & Best Practices David Cordes Michael Young

The Cyber Threat Profiler

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

IBM Security QRadar Vulnerability Manager

Online Vulnerability Scanner Quick Start Guide

Intro to QualysGuard IT Risk & Asset Management. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe

Reducing Application Vulnerabilities by Security Engineering

IBM Security Network Protection

SECURITY TRENDS & VULNERABILITIES REVIEW 2015

WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK

Sitefinity Security and Best Practices

AN OVERVIEW OF VULNERABILITY SCANNERS

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

TRIPWIRE PURECLOUD. TRIPWIRE PureCloud USER GUIDE

Adobe Systems Incorporated

The Ultimate WLAN Management and Security Solution for Large and Distributed Deployments

Attack Vector Detail Report Atlassian

Patch and Vulnerability Management Program

SERENA SOFTWARE Serena Service Manager Security

modules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:

CA Host-Based Intrusion Prevention System r8.1

Critical Security Controls

IBM Security Intelligence Strategy

Online Vulnerability Scanner User Manual

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification

Vulnerability Scans Remote Support 15.1

Getting Ahead of Malware

Realize That Big Security Data Is Not Big Security Nor Big Intelligence

PN5212/PN5320/PN7212/PN7320

WebCruiser User Guide

Network Security Audit. Vulnerability Assessment (VA)

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

Penetration Testing Service. By Comsec Information Security Consulting

Where every interaction matters.

PortWise Access Management Suite

Netzwerkvirtualisierung? Aber mit Sicherheit!

IBM Security IBM Corporation IBM Corporation

The Nexpose Expert System

What is Security Intelligence?

Q1 Labs Corporate Overview

Extreme Networks Security Analytics G2 Risk Manager

Enterprise-Grade Security from the Cloud

Microsoft Baseline Security Analyzer (MBSA)

Acunetix Web Vulnerability Scanner. Getting Started. By Acunetix Ltd.

Premium Server Client Software

HP Application Security Center

IBM Proventia Network Enterprise Scanner

CONTENTS. PCI DSS Compliance Guide

Introducing IBM s Advanced Threat Protection Platform

Criticial Need for Stronger Network Security. QualysGuard SaaS-based Vulnerability Management for Stronger Security and Verification of Compliance

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

FREQUENTLY ASKED QUESTIONS

How to Grow and Transform your Security Program into the Cloud

PANO MANAGER CONNECTOR FOR SCVMM& HYPER-V

Goals. Understanding security testing

Cisco TelePresence ISDN GW MSE 8321

Penetration Test Report

Global Partner Management Notice

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

CyberArk Privileged Threat Analytics. Solution Brief

Redhawk Network Security, LLC Layton Ave., Suite One, Bend, OR

Transcription:

NSFOCUS Remote Security Assessment System Overview Network vulnerabilities are an increasingly common issue in today's highly complex computing environments. With exploit attacks appearing faster than ever before, it has become significantly more challenging for organizations to protect against attacks. Only if users could discover these vulnerabilities in their network and proactively get ready before attackers take action, can the losses of attacks be effectively avoided With years experience and practice in security services, along with requirements and product functionality from the end users, the NSFOCUS Remote Security Assessment System (RSAS) is a must have security assessment tool for enterprise s system/security administrators to effectively identify and remediate the network vulnerabilities that could lead to exposure and malicious attacks. Supported by professional NSFOCUS Security Research Team and integrated leading technologies such as NSIP (NSFOCUS Intelligent Profile), NSFOCUS RSAS discovers security vulnerabilities of the network and cyber asset automatically, efficiently and accurately. The Open Vulnerability Management (Open VM) platform provides powerful security solution to achieve vulnerability management in the entire workflow. The freestanding design and embedded operating system has dramatically improved the system s efficiency and keep the system itself in safe. It is stable and reliable, with no additional storage devices needed. The powerful Web application scanner can perform overall security scanning to Web applications, Web services and supportive systems, and help IT staff to simplify the work in finding and fixing application vulnerabilities. 1 / 8

NSFOCUS takes elaborate analysis to vulnerabilities found in the network assets, quantifies risks via an authoritative assessment model, and provides professional solutions to reduce risks. The convenient management function helps IT staffs quickly locate any risk residing in the information assets. Features Customer-friendly Design Assessment products are widely used in telecom carriers, governments and large-scale enterprises. NSFOCUS RSAS is designed to meet different and specific requirements in each focused field. Features like Multi-stage distributed deployment, open vulnerability management platform and multi-task capability are good choice to large network environments, while one-click intelligent task mode, quick reporting and intelligent digest technique are the highlights in organization and enterprise's network environments when it comes to ease of use and high performance. Complete Vulnerability Management Based on the Open VM workflow, NSFOCUS vulnerability management can be divided into five circular phases: vulnerability forecast, vulnerability detection, risk management, vulnerability remediation, and vulnerability audit. This compete solution can significantly reduce risks in the networks.. 2 / 8

Ease of Use It s not only easy to install this system, but also very simple to operate and maintain it. The intelligent one-click task mode, quick reporting, intelligent digest and many other techniques in this system have successfully realized the simplicity and efficiency in use. Meantime, NSFOCUS RSAS supports multi-user management. Through strict privilege division, the system can manage several virtual devices on one physical device, and support auditing logs about login, operation and anomaly. Largest Chinese Vulnerability Knowledge Base NSFOCUS is maintaining the largest Chinese vulnerability knowledge base (KB) in the global. This KB covers almost all common vulnerabilities in operating systems, databases, network devices and application programs which can be exploited remotely or locally. Over 9000 entries vulnerability information in the RSAS are picked from the KB. When a critical vulnerability is detected, the security team of NSFOCUS will forecast its potential threat and provide update packages within two days from the first discovery. 3 / 8

Accurate and Efficient Detection To ensure accuracy of vulnerability assessment, NSFOCUS RSAS is integrated Intelligent Profile technique to collect information of the target system and uninterruptedly adjust the data occurred in the middle of the progress to ensure a trusted final assessment. NSFOCUS RSAS is armed with a powerful scanning engine, namely NSSE (NSFOCUS Scanning Engine), which integrates automatic scanning technique relying on intelligent recognition of open port services and interdependent relationship with detection policies. Leveraging this powerful engine and a dedicated optimized operating system, the RSAS features very fast and accurate detection capability. Professional Web Application Scanner NSFOCUS RSAS Web application scanner is developed based on years of research on numerous Web attack tactics prevailing toady. It is an automatic security assessment and detection tool specially designed for Web application security administrators. Through combination of this modular scanner and traditional system scanning function, the RSAS greatly reduce the user s investment on additional appliance. Here we briefly introduce some characteristics of this scanner: Professional. It s a very professional tool to help administrators detect application vulnerabilities. Many advanced techniques (such as simulated clicking crawler to intelligently discover threats and active malware detection techniques) are integrated in this tool. Comprehensive. It provides multi-stage and overall vulnerability scanning, auditing, penetration testing and aided logical analysis to Web applications, Web services and supportive systems, keeping the network in safe by active finding potential risks and providing efficient remediation solutions. Effectiveness. It performs very fast and granular analysis to target Web applications by virtue of the embedded operating system, optimized scanning engine and high-performance intelligent crawler technique. Practiced Risk Management NSFOCUS RSAS provides a graphic assets management after combining assets, vulnerability and threats together, and present to users with a quantitative model, helping users to readily learn about risks in their networks. The authoritative model gives comprehensive assessment from 4 / 8

three aspects: assets, vulnerability, and threats. After assessment, this model outputs the trend analysis, both in quantity and in quality, with which users will be very clear about vulnerability distribution, top risk-ranged assets, and vulnerability distribution in a specific OS or application, as well as risks residing in their individual assets and the entire networks. By now, NSFOCUS RSAS is second to none vulnerability assessment product in China that adopts multi-dimensional and quantitative/qualitative assessment. Granular and Comprehensive Reporting NSFOCUS RSAS takes very granular analysis to security state of the entire network in different angle of views, like vulnerability distribution, threat severity, top 10 vulnerabilities and host information. It not only provides offline reporting, but also provides powerful online reporting. In addition, a practical report controller is designed to help users obtain effective information when requiring specific reports in line with a certain role, content or format. Risk analysis is given from the perspectives of macro and micro. At the macro scale, the RSAS reflects the whole network security status from different perspectives, including the granular statistical analysis of vulnerability distribution, threat severity, host information etc. in forms of column and pie charts; at the micro scale, the RSAS provides detailed solutions to each vulnerability detected, helping system administrators solve security issues quickly and accurately; moreover, it supports information retrieve by inputting key words, which facilitates knowing more about a host or a vulnerability. International Certificate and Standard NSFOCUS RSAS is a CVE Compatible assessment product and is the only vulnerability assessment product in China achieved the Checkmark Certification from West Coast Labs. 5 / 8

Specifications Table 1.1 NSFOCUS RSAS Functional Specification Specification RSAS X Series RSAS S Series RSAS E Series Vulnerability Assessment Weak Password Scan Vulnerabilities Checks > 9,000 > 9,000 > 9,000 Risk Mgt. Max. Number of Alive IP Addresses Scan Speed in Lab (IP/minute) Max. Concurrent Scan (IP address) Max. Number of Users Number of IP Addresses in Single Task Max. Concurrent Scan Tasks 512 Unlimited Unlimited 5 10 20 30 60 90 3 30 50 Multiple IP addresses in Class B Multiple IP addresses in Class B Multiple IP addresses in Class B 5 10 10 Max. Task Storage 100 150 500 Basic Reports System Mgt. Advanced Data Analysis Web Application Scanner Application Programming Interface (API) Distributed Deployment Optional Optional Optional Optional Optional Optional Optional Optional Sub-node Device Optional Sub-node Device Optional Mgt./Sub-node Device Sub-node: 8 (recommended) 6 / 8

. Table 1.2 NSFOCUS RSAS Web Application Scanner Applications Vulnerabilities Functions & Features Specification All Series HTTP 1.0 &1.1 Web application system Web 2.0/Ajax application Static and dynamic webpage Web services Web underlying support system Authentication method (cookie, NTLM etc.) HTTPS Web application system SQL Injection vulnerability scan XSS vulnerability scan Webpage Trojan detection Web malware detection Form type detection Cookie security detection CGI vulnerability scan GOOGLE-HACK detection CSRF Invalid links discover Sensitive file detection Web services misconfiguration detection Intelligent crawling technology Back-end database identification WASC vulnerability classification One-click auto scanning Website structure display Regular, periodic scanning Multi-threaded, multi-task concurrent scanning Data analysis and report 7 / 8

For more information: For more information about NSFOCUS products and services, please contact the NSFOCUS sales NSFOCUS TEL: +86 10 68438880 EMAIL: info@nsfocus.com NSFOCUS US TEL: +1 408 907 6638 EMAIL: info-us@nsfocus.com NSFOCUS Japan TEL: +81 3 6206 8156 EMAIL: info-jp@nsfocus.com For more information visit NSFOCUS Website: www.nsfocus.com Table 1.3 NSFOCUS RSAS Physical Specifications Model RSAS X Series RSAS S Series RSAS E Series NIC 100/1000M 100/1000M 100/1000M Adaptive Adaptive Adaptive Serial Port RS232 (DB9) RS232 (DB9) RS232 (RJ45) Memory 1G 2G 4G Rack Mountable 1 U 1 U 2 U Weight 7.0 Kg 7.0 Kg 12.0 Kg Dimension (H*L*W) 44*392*430 (mm) 44*392*430 (mm) 88*392*440 (mm) Power Supply 220 V,180 W 220 V, 180 W 220 V, 350 W MTBF > 60,000 hours > 60,000 hours > 60,000 hours Operating Temp. 0-40 0-40 0-40 Non-operating Temp. -20-65 -20-65 -20-65 Relative 10%-95% 10%-95% 10%-95% Humidity non-condensing non-condensing non-condensing Electromagnetic Class A, Class A, Class A, Radiation EN55022, FCC EN55022, FCC EN55022, FCC Standard Part15 Part15 Part15 NSFOCUS is the trademark of NSFOCUS Information Technology Co., Ltd. NSFOCUS enjoys all copyrights with respect to all textual narrations, document formats, illustrations, photographs, methods, processes and other contents, unless otherwise specified, which shall be governed by relevant property rights and copyright laws. Without written permission of NSFOCUS, any individual or institution shall be prohibited to copy or quote any section herein in any way. About NSFOCUS NSFOCUS is a proven global leader in active perimeter network security for service providers, data centers, and corporations. It focuses on providing network security solutions including: carrier-grade Anti-DDoS System, Web Application Firewall, and Network Intrusion Prevention System - all designed to help customers secure their networks and corporate-critical information. More detailed information is available at http://www.nsfocus.com. 8 / 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information